This article relates to managing access groups and roles.
Please note that you can have multiple shares for the same group or place. Kisi will allow access if at least one of the shares permits access. This means permissive groups override non-permissive groups.
Standard Kisi Place
A user can be issued different roles which will determine what features they can edit. The diagram below gives a general overview of the differences between a regular user, observer, manager, administrator and place owner.
On Kisi's standard plan you can create unlimited managers.
|Can access doors for this place||✅||✅||✅||✅||✅||✅||✅|
|Can view member access to this group||❌||✅||✅||✅||✅||✅||✅|
|Can view member access to this group||❌||❌||✅||✅||✅||✅||✅|
|Can view member access to this place||❌||❌||❌||✅||✅||✅||✅|
|Can view restrictions for this place||❌||❌||❌||❌||✅||✅||✅|
|Can edit shares for members in group||❌||❌||✅||❌||✅||✅||✅|
|Can edit shares for members in place||❌||❌||❌||❌||✅||✅||✅|
|Can manage restrictions for this place||❌||❌||❌||❌||❌||✅||✅|
|Can manage groups for this place||❌||❌||❌||❌||❌||✅||✅|
|Can manage doors for this place||❌||❌||❌||❌||❌||✅||✅|
|Can manage integrations for this place||❌||❌||❌||❌||❌||✅||✅|
|Can update billing information||❌||❌||❌||❌||❌||✅||✅|
|Can transfer the place to new owner||❌||❌||❌||❌||❌||❌||✅|
API keys can only be created by entire place admins or place owners. They should only be created by place owners to avoid the API key becoming invalid when a place admin looses their admin rights.
To assign a place wide admin, go to the member, scroll to the bottom to "memberships" and click on "entire place".
On the bottom click on "Role" and change it to "Place Administrator":
In general, the Groups (they are called Teams in Organizations) are the same thing as Groups in your old account.
|__Basic User__||__Team Administrator__||__Organizations Administrator__||__Organizations Owner__|
|Can access doors for this place||✅||✅||✅||✅|
|Can view member access to their team||❌||✅||✅||✅|
|Can view restrictions for their team||❌||✅||✅||✅|
|Can add/delete shares for members in their team||❌||✅||✅||✅|
|Can manage restrictions for this place||❌||✅||✅||✅|
|Can manage teams for this organization||❌||❌||✅||✅|
|Can manage doors for this organization||❌||❌||✅||✅|
|Can manage integrations for this organization||❌||❌||✅||✅|
|Can update billing information||❌||❌||✅||✅|
|Can create new organizations administrators||❌||❌||❌||✅|
API keys can only be created by entire organization admins or organization owners. They should only be created by organization owners to avoid the API key becoming invalid when a organization admin looses their admin rights.